Linux Kernel CVE-2017-1000379 Local Security Bypass Vulnerability
by CIRT Team
Description: The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
Impact: Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Linux Kernel 4.11.5 is vulnerable; other versions may also be affected.
Mitigation: Updates are available. Please check specific vendor advisory for more information.
Reference URL’s:
- http://www.cvedetails.com/cve/CVE-2017-1000379/
- http://www.securityfocus.com/bid/99284/info
- https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=1462165
- https://access.redhat.com/security/cve/CVE-2017-1000379
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts